Vincenzo Iozzo, an Italian security researcher, says he's discovered a new way to inject executable code directly into the memory of a Mac OS X machine without leaving any trace behind. That would make detection of an attack considerably more difficult.

Attackers normally leave files on the hard disk, such as their own code and virus scanners can spot these, but Iozzo's technique could be used to run a binary file entirely in the memory area of the program under attack, so that no change is made to the hard disk. It could also be exploited on an iPhone, which after all runs a modified version of Mac OS X.

Iozzo intends to present his discovery at the Black Hat security conference in February, and then publish a sample program written in C for Mac OS X 10.5.

Holy crap -- you mean he's found a way to run code in RAM only?!? Wow! That's... uh... pretty normal actually. In fact, that's what most exploits for most platforms do. Pretty much any buffer overrun can be used to do the exact same thing as this "revolutionary", "new" technique.

This reeks of the sort of sensationalism and half-assed reporting that we've seen in recent years. Kinda like whenever Intego notices a dip in their sales and decides to write a puff piece on the latest trojan, this article is just junk meant to scare you and make you take notice of a person/company with an axe to grind. Ignore it, and stop doing their PR for them.

MacRumors attracts a broad audience
of both consumers and professionals interested in
the latest technologies and products. We also boast an active community focused on
purchasing decisions and technical aspects of the iPhone, iPod, iPad, and Mac platforms.